SCA is creating a bulk of logs.

Hello mates,

I'm facing a problem with an SCA scan for PHP.

Whenever I start scanning PHP code, Fortify SCA creates a bulk of logs, like 200 to 250 GB, and never stops until it consumes all the space on the disk.

Also, I'm unable to read the logs, as no editor is capable of opening such a large file.

Please suggest some good solutions.

  • I would start by creating a new directory with just one PHP file in it ... scan that, perhaps with the scan wizard.

    Does it stop quickly?

    Then introduce more code ... like, say, 50 files at a time ... recall which files were added. If you start to hit the explosion, take those 50 and put them in a new dir ... does it still repro? I.e., binary chop to determine if one file is somehow corrupt?

  • Btw, if your PHP is open source then consider pining the URL ... but for closed source, you are on your own.
    I would suggest adding -debug -verbose -logfile tran.log and tailing the tran_FortifySupport.log ... get ready to Ctrl-C when you hit something nasty and send the logs to uFocus.
    You also don't say how up to date your rules/SCA is.

  • Any update here, Muhammad? I am on vacation soon for a couple of weeks. Was hoping to help you a bit more. As I said, if you are on Linux then tail -f the tran.log (which you generate with -debug -verbose -logfile tran.log) ... in fact, better to tail -f tran_FortifySupport.log since you should use verbose and debug.

    Try to spot quickly what is happening. Post a snippet here or create a Fortify case (and their support will ask what I ask, plus a little bit more).
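
The batch-by-batch narrowing suggested in the replies above, as a shell script with a log-size cap so a runaway scan is stopped before the disk fills. This is an added example, not part of the original thread and not Fortify tooling; `SCAN_CMD`, `LOG`, `POLL_SECS` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. SCAN_CMD is a hypothetical hook: a function
# or script called as "SCAN_CMD LOGFILE FILE..." that should exec your scanner on
# FILE... with its log at LOGFILE (thread's options: -debug -verbose -logfile).
SCAN_CMD=${SCAN_CMD:-run_scanner}
LOG=${LOG:-./tran.log}
POLL_SECS=${POLL_SECS:-1}

log_size() {   # bytes currently in the log, 0 if it does not exist yet
    if [ -f "$1" ]; then echo $(( $(wc -c < "$1") )); else echo 0; fi
}

# scan_with_cap CAP_BYTES FILE...
# Runs one scan in the background and kills it as soon as the log passes
# CAP_BYTES. Returns 0 if the log stayed under the cap, 1 otherwise.
scan_with_cap() {
    cap=$1; shift
    : > "$LOG"
    "$SCAN_CMD" "$LOG" "$@" &
    pid=$!
    while kill -0 "$pid" 2>/dev/null; do
        if [ "$(log_size "$LOG")" -gt "$cap" ]; then
            kill "$pid" 2>/dev/null || true
            break
        fi
        sleep "$POLL_SECS"
    done
    wait "$pid" 2>/dev/null || true
    [ "$(log_size "$LOG")" -le "$cap" ]
}

# first_noisy_batch DIR BATCH_SIZE CAP_BYTES
# Scans DIR/*.php BATCH_SIZE files at a time. Prints the files of the first
# batch whose log passes the cap and returns 0; returns 1 if every batch is quiet.
first_noisy_batch() {
    dir=$1; n=$2; limit=$3
    set --
    for f in "$dir"/*.php; do
        [ -f "$f" ] || continue
        set -- "$@" "$f"
        [ "$#" -lt "$n" ] && continue
        scan_with_cap "$limit" "$@" || { printf '%s\n' "$@"; return 0; }
        set --
    done
    [ "$#" -eq 0 ] || scan_with_cap "$limit" "$@" || { printf '%s\n' "$@"; return 0; }
    return 1
}
```

Re-running `first_noisy_batch` on a directory holding only the reported files, with a smaller batch size, narrows the search toward a single file.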